11.4.4 Remote Diagnostic and Configuration Port Protection

Illustrative Controls and TIBCO LogLogic Solution

Remote diagnostics and configuration are most often performed during emergency situations. Vendors might require organizations to provide additional access to perform remote diagnostics. It is inevitable that accounts must be created for emergency mode access. These accounts might be required for vendors so that they can perform remote troubleshooting as well as maintenance of the equipment in the IT infrastructure. Great care must be taken to ensure that these vendors only have access during maintenance hours and when personnel are available to monitor the process.

Administrators must identify all access to ensure vendors are only logging in during maintenance hours. Administrators must also review access to the IT infrastructure to ensure no access is performed during unauthorized hours. In addition, Administrators must establish (and implement as needed) procedures to enable continuation of critical business processes for protection of the security of information assets while operating in emergency mode.

Reports and Alerts

Use the following link/reference to see the 11.4.4 reports and alerts: TIBCO LogLogic Reports and Alerts Quick Reference.